| require 'rack/oauth2' | |
| Rack::OAuth2.debug! | |
| client = Rack::OAuth2::Client.new( | |
| identifier: '<YOUR-CLIENT-ID>', | |
| secret: '<YOUR-CLIENT-SECRET>', | |
| authorization_endpoint: 'https://login.salesforce.com/services/oauth2/authorize', | |
| token_endpoint: 'https://login.salesforce.com/services/oauth2/token', | |
| redirect_uri: '<YOUR-CALLBACK-URL>' | |
| ) | |
| def endpoint_for(resource) | |
| scim_base_endpoint = 'https://<YOUR-DOMAIN>.my.salesforce.com/services/scim/v1' | |
| File.join(scim_base_endpoint, resource) | |
| end | |
| module JSONized | |
| def request_to(resource, method: :get, params: nil) | |
| response = send method, endpoint_for(resource), params.try(:to_json), 'Content-Type': 'application/json' | |
| puts JSON.pretty_generate JSON.parse(response.body) | |
| end | |
| end | |
| authorization_uri = client.authorization_uri( | |
| scope: [:api] | |
| ) | |
| `open "#{authorization_uri}"` | |
| print 'code: ' and STDOUT.flush | |
| code = gets.chop | |
| client.authorization_code = code | |
| token = client.access_token! :body | |
| token.extend JSONized | |
| # token.request_to 'Entitlements' # => ここのレスポンスから適切な Entitlement (e.g. Standard User) の識別子を取得しておく。 | |
| token.request_to 'Users', method: :post, params: { | |
| externalId: '<OIDC-SUBJECT-VALUE>', | |
| userName: 'some-user@your-idp.example.comp', | |
| name: { | |
| familyName: 'User', | |
| givenName: 'Some' | |
| }, | |
| emails: [{ | |
| value: 'some-user@your-idp.example.com' | |
| }], | |
| entitlements: [{ | |
| value: '<ENTITLEMETN-ID>' | |
| }] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment